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REPLY BRIEF 

In response to the Examiner's Answer mailed April 11, 2008, maintaining the rejection 
asserted in the Final Office Action ("the Action") of pending claims 1-18, Appellants 
respectfully request that the Board of Patent Appeals and Interferences reconsider and reverse 
the rejections of record. 

I. Status Of Claims 

Claims 1-5, 7-11, and 13-17 stand rejected under 35 U.S.C. § 102(e) as allegedly being 
anticipated by U.S. Patent No. 7,062,563 to Lewis et al. ("Lewis"). Claims 6, 12, and 18 stand 
rejected under 35 U.S.C. § 103(a) as allegedly being obvious over Lewis in view of U.S. Pat. 
App. Pub. No. 2001/0049717 to Freeman et al. ("Freeman"). 

The rejection of claims 1-18 is appealed. 

II. Grounds Of Rejection To Be Reviewed On Appeal 

The following grounds of rejection are to be reviewed on appeal: 

• The rejection of claims 1-5 and 7-11 and 13-17 under 35 U.S.C. §102(e) as 
allegedly being anticipated by U.S. Patent No. 7,062,563 to Lewis et al. 
("Lewis"). 

• The rejection of claims 6, 12, and 18 under 35 U.S.C. § 103(a) as allegedly being 
obvious over Lewis in view of U.S. Pat. App. Pub. No. 2001/0049717 to Freeman 
et al. ("Freeman"). 

III. Argument 

The Office has failed to show: (1) that the claims are anticipated and (2) that the claims 
are obvious. Each of the specific claims and the impropriety of the rejections is addressed 
below. 
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A. The Rejection Of Claims 1-5 And 7-11, And 13-17 Under 35 U.S.C. §102(e) 

The Examiner's Answer continues to repeat at least the following errors in this case: 

An alleged disclosure of mapping to a schema within a database fails to disclose 

"enabling a user to submit a user identification input and a user request to a reporting system" 
Lewis fails to disclose "a centralized server wherein the centralized server maps 

the user to at least one appropriate database based on the user request and at least one database 

connection definition." 

Claim 1 recites: 

A method for implementing database connection mapping for 
connecting a user to at least one database in a reporting system, 
comprising the steps of: enabling a user to submit a user 
identification input and a user request to a reporting system : 
identifying the user based on user identification input; and 
controlling access to at least one database through a centralized 
server wherein the centralized server maps the user to at least one 
appropriate database based on the user request and at least one 
database connection definition. 

(Emphasis added.) As discussed in greater detail below the Examiner's Answer 

continues to ignore the significance of "submitting] a user identification input and a user request 

to a reporting system." In addition, the Examiner's Answer fails to give proper weight to the 

recitation "a centralized server wherein the centralized server maps the user to at least one 

appropriate database based on the user request and at least one database connection definition." 

1. An alleged disclosure of mapping to a schema within a database fails 
to disclose "enabling a user to submit a user identification input and a user request to a 
reporting system" 

The Examiner's Answer asserts that Lewis discloses "enabling a user to submit a user 
identification input and a user request to a reporting system." The Examiner's Answer relies on 
Lewis column 5, lines 49-60 and column 7, line 47 - column 8, line 5 for this alleged disclosure. 
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Appellants note that neither citation refers to enabling a user to submit a request. In contrast, 

both entries refer to mapping objects in a directory information system. For example, column 7, 

line 47 - column 8, line 5 recites: 

Mapping objects comprise another object class useable in the 
invention. As described in more detail below, these objects are 
used for schema assignments, to map enterprise users to local 
database schemas. The mapping object contains the mapping of 
an enterprise DN and a native database username. According to an 
embodiment, the mapping object exists as a child of a server object 
or of an enterprise domain object. In an embodiment, the mapping 
object is a group object, where the CN attribute reflects the schema 
name and the members attribute contains all users who map to that 
schema. In an alternate embodiment, the mapping object is not a 
group object, where a native user attribute reflects the schema 
name and a distinguished name attribute contains the user 
identification that maps to a schema. An entry level mapping 
object according to an embodiment is an objectclass that contains a 
single mapping represented as two attributes: a full DN for an 
Enterprise User and a native username. A subtree-level mapping 
object is an objectclass that contains a single mapping represented 
as two attributes, e.g., a DN that does not necessarily represent an 
Enterprise User, and a native username. Only users under that DN 
in the directory tree will be mapped to the specified native user. If 
the DN itself is a user, then that user is not mapped to the native 
user. A full DN preferably takes precedence over a partial DN, and 
a mapping under the server takes precedence over one under that 
server's enterprise domain. 

(Emphasis added). This cited portion of Lewis, at best, discloses mapping objects and how a 

mapping object may be used to map an enterprise user to a schema, which is a subset of a 

database. An enterprise user is simply "a user defined and managed in a directory information 

system." See Lewis, column 3, lines 64-65. Thus, this citation fails to disclose "enabling a user 

to submit a user identification input and a user request to a reporting system." Column 5, lines 

49-60 of Lewis similarly fail to disclose "enabling a user to submit a user identification input and 

a user request to a reporting system." 



-3- 



Attorney docket No. 53470.003029 



Application No. 09/883,301 



Additionally, the Examiner appears to assert that Lewis' alleged directory information 

system equates to a reporting system. See Examiner's Answer, page 6 ("Examiner had read 

'directory information system' as a 'reporting system'"). Appellants respectfully submit a 

directory information system is not a reporting system. As recognized by the Examiner, the 

specification of the present application provides examples of reporting systems including 

decision support, Business Intelligence, and on-line analytical processing systems. See 

specification, page 1, lines 1-3. See also, Examiner's Answer page 6. 1 A person of ordinary skill 

in the art would recognize that a reporting system is not an LDAP directory. Lewis clearly 

discloses that a directory information system may comprise "a LDAP directory." See column 3, 

lines 2-6. Lewis further states: 

According to an embodiment of the invention, the 
relationships between users and their associated roles in an 
enterprise domain structure are maintained as a hierarchy of 
objects in a directory information system. A directory in a 
directory information system can be considered an index to 
organized information. The directory lists objects, e.g., people 
and organizations, and gives details about each object. In a 
computerized environment, a directory is a database that 
stores collections of information about objects. The information 
in such a directory might represent any resource that require 



1 Appellants believe that the Examiner accidentally misquoted the Appellants' specification on 
the last line of page 6 of the Examiner's Answer through the sixth line of page 7 of the 
Examiner's Answer. The cited portion of the Appellants' specification, page 3, lines 14-17 
recites: 

"The present invention provides a method and system for implementing database 
connection mapping for connecting a user to at least one database in a reporting system wherein 
a user may submit a user identification input and a user request to the reporting system. The 
system may then identify the user based on user identification input. A central server may" 
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management-for example, employee names, titles, and security 
credentials, information about e-commerce partners, or about 
shared network resources such as conference rooms and printers. 

A common directory information system is a directory 
based on the Lightweight Directory Access Protocol ("LDAP"). 

Column 4, line 64 - column 5, line 1 1 (emphasis added). Appellants were unable to find a 

disclosure of a reporting system or of reports in Lewis. Clearly a reporting system is not 

disclosed by an LDAP directory. Thus, Lewis fails to disclose "enabling a user to submit a user 

identification input and a user request to a reporting system." For at least Lewis' failure to 

disclose "enabling a user to submit a user identification input and a user request to a reporting 

system," Lewis does not anticipate claim 1. 

2. Lewis fails to disclose "controlling access to at least one database 
through a centralized server wherein the centralized server maps the user to at least one 
appropriate database based on the user request and at least one database connection 
definition." 

The Examiner continues to confuse Lewis' alleged disclosure of a mapping a user to a 

schema of a database with "controlling access to at least one database through a centralized 

server wherein the centralized server maps the user to at least one appropriate database based on 

the user request and at least one database connection definition" as required by the pending 

independent claims. See Examiner's Answer, page 7. Lewis clearly states: 

Databases (and other LDAP clients) refer to entries in 
the directory information system to determine enterprise user 
authorization at login. In an embodiment, the enterprise domain 
is associated with at least two types of objects: enterprise role 
objects and mapping objects. Enterprise role objects contain 
information about roles in the computing system. Mapping object 
contains mapping information between a full or partial 
distinguished name ("DN) in the directory information system and 
a user/schema name. Mapping objects are normally created for a 
particular domain. Mapping objects also reside under server 
objects, and are created for a particular database. 
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Lewis, column 5, lines 49-60 (emphasis added). A mapping object cannot therefore disclose 

"map[ping] the user to at least one appropriate database based on the user request and at least 

one database connection definition" because a mapping object is "created for a particular 

database." Lewis further clarifies that mapping objects do not map to a database but to a schema 

within a database in column 7. Column 7, lines 47-52 recite: 

Mapping objects comprise another object class useable in the 
invention. As described in more detail below, these objects are 
used for schema assignments, to map enterprise users to local 
database schemas. The mapping object contains the mapping 
of an enterprise DN and a native database username. 

Lewis, column 7, lines 47-52 (emphasis added). The cited portion of Lewis, at best, 
discloses mapping objects and how a mapping object may be used to map an enterprise user to a 
schema, which is a subset of a database. A mapping object, at best, maps a user to a schema 
within a database (which the user is already connected to), not to the database. Thus, the cited 
portion of Lewis fails to disclose "controlling access to at least one database through a 
centralized server wherein the centralized server maps the user to at least one appropriate 
database based on the user request and at least one database connection definition." 

The second citation by the Office similarly fails to disclose "controlling access to at least 

one database through a centralized server wherein the centralized server maps the user to at least 

one appropriate database based on the user request and at least one database connection 

definition." The second cited portion of Lewis, column 10, lines 37-52 recites: 

An" alternate linking approach is to use "fixed user" or "named" 
links. Unlike a connected-user link, a named link contains both the 
connect string and the appropriate user credentials (e.g., 
username/password or other authentication information) for the 
relevant account on the remote server. Thus, named links allow a 
user on a first database to execute a procedure at a second 
database using the security context of another user. The 
drawback to this approach is that providing this authentication 
information in a named link creates a potential security problem, 
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since the authentication information may become available to 
unauthorized users or administrators that have access to the named 
link on either the source or target databases. Encrypting the 
password information is not an optimal solution since management 
and transmission of encryption keys between databases provides 
another potential source of security failure. 

(Emphasis added). This cited portion of Lewis, at best, discloses connecting from one database 

to another. A "user on a first database" is a user who is already mapped to a database, not a user 

who is being mapped to "at least one appropriate database based on the user request and at least 

one database connection definition." Furthermore, "execut[ing] a procedure at a second database 

using a security context of another user" is not "controlling access to at least one database 

through a centralized server wherein the centralized server maps the user to at least one 

appropriate database based on the user request and at least one database connection definition." 

On the contrary, the named link contains the user name and password of the other user to 

execute the stored procedure. In contrast, this is at best providing access through another user's 

security context. As recognized by Lewis, this provides a "potential source of security failure." 

See Lewis, column 10, line 52. The first user is not mapped to the second database. 

Furthermore, allegedly connecting from a first database to a second database using a 
stored procedure is not access controlled through a centralized server. At best this is access 
through a database procedure using a stored username and password. The named link will not 
map to "at least one appropriate database based on the user request and at least one database 
connection definition." The named link will always connect to the same database utilizing a 
"connect string and the appropriate user credentials (e.g., username/password or other 
authentication information)." 

The rejection of claims 2-5, 7-11, and 13-17 also fails for reasons analogous to those 
given in support of claim 1. 
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In view of the foregoing, it is respectfully requested that the aforementioned rejections be 
reversed. 

B. Claim 2 is Separately Patentable 

Claim 2 recites "wherein the database connection definition comprises a data source 
name and a set of properties for establishing a database connection to at least one database" 
(emphasis added). Claim 1 recites that "the centralized server maps the user to at least one 
appropriate database based on the user request and at least one database connection definition" 
(emphasis added). Thus, the claimed centralized server maps a user to at least one appropriate 
database based on a user request and at least one database connection definition, which 
comprises a data source name and a set of properties for establishing a database connection to at 
least one database. 

Appellants respectfully submit that the Examiner's Answer incorrectly asserts that 
Appellants' Appeal Brief relies on "the links disclosed in Lewis are between databases" and that 
these features are not recited in the rejected claims. See Examiner's Answer, page 9. Appellants 
submit that references to Lewis were merely statements addressing the Examiner's arguments. 
Appellants' Appeal Brief addressed several portions of Lewis to illustrate that the Examiner's 
reliance on a database connection definition and/or a named link fails for several reasons. 

First, the named link at best discloses a connection between databases, not a centralized 
server [wherein the centralized server] maps the user to at least one appropriate database 
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based on the user request and at least one database connection definition." 2 

Second, Lewis fails to disclose "a set of properties for establishing a database connection 
to at least one database" as recited in claim 2. In contrast, Lewis discloses that a user is 
connected to a computer access device 106 which communicates authentication information to 
"the respective database for which access is sought." See Lewis, col. 3, 11. 6-10. Then, the 
"centralized directory information system 104 communicates with each database 108 and 1 10 to 
authenticate users that seek to access any of the databases serviced by the centralized directory 
information system 104." See Lewis, col. 3, 11. 20-24. Thus a user is not mapped to a database 
"based on a user request and at least one database connection definition [which] comprises a data 
source name and a set of properties for establishing a database connection to at least one 
database." Lewis thus discloses a user seeking access to a particular database not being mapped 
to a database. The distinction, as discussed in further detail in the Appeal Brief and illustrated in 
the specification is significant. 

The Examiner's Answer also relies upon Lewis column 10, lines 37-52 to allege 
disclosure of claim 2. As discussed above and in the Appeal Brief, the usage of named links 
utilizing the fixed security context of another user neither "controls access to at least one 



2 Appellants believe the discussion of Lewis' mapping between two databases in the 
Appeal Brief on page 15, lines 1-14 was misinterpreted as a reliance on the features of Lewis. 
Appellants respectfully submit that the Appeal Brief cited Lewis to illustrate the clear differences 
of Lewis from the present application. 
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database through a centralized server" nor "maps the user to at least one appropriate database 
based on the user request and at least one database connection definition." In contrast, named 
links represent a blanket grant of access by a "link" to anyone who can access the link. See 
Lewis column 10, lines 37-52 ("The drawback to this approach is that providing this 
authentication information in a named link creates a potential security problem, since the 
authentication information may become available to unauthorized users"). 

Therefore, claim 2 is also allowable over Lewis and is in condition for allowance for 
reasons independent of the allowability of claim 1. 

Claims 8 and 14 also are independently in condition for allowance for reasons analogous 
to those given in support of claim 2. 

C. The Rejection Of Claims 6, 12, And 18 Under 35 U.S.C. § 103(a) 

On page 5 of the Examiner's Answer, the Examiner maintains the rejection of claims 6, 
12, and 18 under 35 U.S.C. § 103(a) as allegedly being obvious over Lewis in view of U.S. Pat. 
App. Pub. No. 2001/0049717 to Freeman et al. ("Freeman"). Appellants respectfully traverse. 

Claims 6, 12, and 18 respectively depend from claims 1, 7, and 13, which are in condition 
for allowance. Accordingly, claims 6, 12, and 18 also are in condition for allowance and reversal 
of the aforementioned rejections is respectfully requested. 

Therefore, claims 1-18 are in condition for allowance and reversal of the rejections of 
claims 1-18 is respectfully requested. 
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IV. Conclusion 

Because the cited reference fails to disclose or render obvious all features set forth in the 
pending claims, Appellants submit that the pending claims are allowable over the cited reference. 
Accordingly, Appellants respectfully request that the Board reverse the prior art rejections set 
forth in the Action, and allow all of the pending claims. Authorization is hereby granted to 
charge or credit the undersigned's Deposit Account No. 50-0206 for any fees or overpayments 
related to the entry of this Appeal. 



Date: 




Ozzie Farres 
Registration No. 43,606 



Hunton & Williams 
1900 K. St., NW, Suite 1200 
Washington, D.C. 20006-1109 
(202) 955-1500 



-11- 



